Pavel Machek wrote:
> > > Actually, after you add right mount xyzzy /foo lines into .profile,
> > > you can just . ~/.profile ;-).
> >
> > Is there a mount command that can do that? We're talking about
> > private mounts - invisible to other namespaces, which includes the
> > other shells.
> >
> > If there was a /proc/NNN/namespace, that would do the trick :)
>
> Sounds like the solution, then. I do not think Al Viro is going to
> kill you for /proc/NNN/namespace...
Looking closer, I think we already have it.
It's called /proc/NNN/root.
Does chroot into /proc/NNN/root cause the chroot'ing process to adopt
the namespace of NNN? Looking at the code, I think it does.
Furthermore, I think a daemon can acquire file descriptors for
multiple namespaces already, by open("/") and passing descriptors
between processes. And the chroot can be done using /proc/self/fd/N
after receiving a descriptor.
This is because file descriptors, and current->fs->pwd and
current->fs->root, record the vfsmnt as well as the dentry that they
opened.
So no new system calls are needed. A daemon to hand out per-user
namespaces (or any other policy) can be written using existing
kernels, and those namespaces can be joined using chroot.
That's the theory anyway. It's always possible I misread the code (as
I don't use namespaces and don't have tools handy to try them).
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
